npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

open-encrypto-object

v1.0.4

Published

A Node.js library for recursively encrypting and decrypting primitive values within JSON objects/arrays using AES-256-GCM, while preserving the original data structure.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

brucegomesbrucegomes

Keywords

encryptiondecryptionaesaes-256gcmauthenticated encryptionjsonobjectarrayrecursivecryptosecuritydata protectionnode

Readme

open-encrypto-object

A simple JavaScript library for recursively encrypting primitive values within JSON objects and arrays using AES-256-GCM, preserving the structure.

Installation

You can install this library using npm:

npm install open-encrypto-object

Usage

This library provides an EncryptoService class to handle encryption and decryption.

// Import the EncryptoService class
const { EncryptoService } = require('open-encrypto-object');

// Define your secure encryption key and initialization vector (IV)
// These MUST be kept secret and secure. Generate them using a secure method.
// See the "Generating Key and IV" section below.
const keyHex = 'YOUR_64_CHAR_HEX_KEY'; // Replace with your actual 32-byte hex-encoded key
const ivHex = 'YOUR_32_CHAR_HEX_IV';   // Replace with your actual 16-byte hex-encoded IV

// Instantiate the service
const encryptoService = new EncryptoService(keyHex, ivHex);

// Define some sample data
const originalData = {
  userId: 1,
  userName: 'bruce pedro gomes',
  settings: {
    theme: 'dark',
    notifications: true
  },
  tags: ['important', 'urgent']
};

try {
  // Encrypt the object recursively
  const encryptedData = encryptoService.encryptJsonObject(originalData);

  // Encrypted data preserves the structure, but primitive values are replaced
  // with strings containing the encrypted data and an authentication tag.
  // Example structure:
  // {
  //   userId: 'encryptedBase64String.authTagBase64String',
  //   userName: 'encryptedBase64String.authTagBase64String',
  //   settings: {
  //     theme: 'encryptedBase64String.authTagBase64String',
  //     notifications: 'encryptedBase64String.authTagBase64String'
  //   },
  //   tags: [ 'encryptedBase64String.authTagBase64String', 'encryptedBase64String.authTagBase64String' ]
  // }
  console.log('Encrypted:', JSON.stringify(encryptedData, null, 2));

  // Decrypt the object recursively
  const decryptedData = encryptoService.decryptJsonObject(encryptedData);
  console.log('Decrypted:', decryptedData);

  // Verify the result
  console.log('Match:', JSON.stringify(originalData) === JSON.stringify(decryptedData)); // Use stringify for deep comparison

} catch (error) {
  console.error('Encryption/Decryption failed:', error);
  // Common errors include incorrect key/IV length or format,
  // or attempting to decrypt data with the wrong key/IV or if it was tampered with.
}

Why use open-encrypto-object?

  • Secure Sensitive Data: Easily encrypt sensitive primitive values (strings, numbers, booleans, null) within complex JSON objects or arrays before storage or transmission.
  • Strong Encryption: Utilizes AES-256-GCM, a robust, industry-standard authenticated encryption algorithm.
  • Data Integrity: GCM mode provides authentication, ensuring that the encrypted data hasn't been tampered with.
  • Preserves Structure: Encrypts only the primitive values, keeping the original object and array structure intact for easier use after decryption.

Generating Key and IV

You need a secure 32-byte (64 hex characters) key and a 16-byte (32 hex characters) IV to use EncryptoService. You can generate these using Node.js's built-in crypto module:

const crypto = require('crypto');

// Generate a 32-byte key for AES-256
const key = crypto.randomBytes(32).toString('hex');

// Generate a 16-byte IV for GCM (AES-GCM standard)
const iv = crypto.randomBytes(16).toString('hex');

console.log('Generated Key (Hex):', key);
console.log('Generated IV (Hex):', iv);
console.log('\nStore these securely! Do not commit them to version control.');

Important: Store your generated key and IV securely. Do not hardcode them directly in your source code if possible, and never commit them to version control. Use environment variables, secret management systems, or other secure methods appropriate for your application.

License

MIT